<?php

$oper = $_GET['oper'];


if (!isset($oper))
{
    die("Unknown command !");
}

$admin = false;
require_once('auth_req.inc.php');

switch ($oper)
{

    case 'list':

        header("Content-type: text/html; charset=utf-8");
                
        $rs = $dbh->query('select c_id, phase from pictures');

        $alldb = $rs->fetchAll(PDO::FETCH_ASSOC);

        foreach( $alldb as $key => $val)
        {
            $responce[$key] = $val;
        }

        echo json_encode($responce);

        break;

    case 'disp':

        $phase = $_GET['phase'];
        $cnum = $_GET['cid'];


        $sth = $dbh->prepare('select image from pictures where c_id=? and phase=? limit 1');
        $sth->execute(array(intval($cnum), intval($phase)));
        

        if ($sth->rowCount() == 1) 
        {
            $rec = $sth->fetchAll(PDO::FETCH_ASSOC);
            header("Content-type: image/png");   
            header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1
            header("Expires: Sat, 26 Jul 1997 05:00:00 GMT"); // Date in the past

            echo base64_decode($rec[0]['image']);
        }
        else
        {
            header("Location: ../img/noimage.png");   // use power of cache :).
        }

    break;

    case 'del':

        $phase = $_GET['phase'];
        $cnum = $_GET['cid'];

        try
        {
            $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
            $dbh->beginTransaction();

            $sth = $dbh->prepare('delete from pictures where c_id=? and phase=?');
            $sth->execute(array(intval($cnum), intval($phase)));

            $dbh->commit();
        }
        catch (Exception $e)
        {
            $dbh->rollBack();
        }

    break;

}

?>
